23 Jul 2024

CVE-2024-6420

8.6 High Severity

The Hide My WP Ghost WordPress plugin before 5.2.02 does not prevent redirects to the login page via the auth_redirect WordPress function, allowing an unauthenticated visitor to access the hidden login page.

suggest your own:

Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L
Apps (0)
Operating Systems (0)

xtranslations

xdetection

xremediation

Comments (0)
Comments (0)